Smartphone security research has produced many useful tools to analyze the privacy-related behaviors of mobile apps. However, these automated tools cannot assess people's perceptions of whether a given action is legitimate, or how that action makes them feel with respect to privacy. For example, automated tools might detect that a blackjack game and a map app both use one's location information, but people would likely view the map's use of that data as more legitimate than the game. Our work introduces a new model for privacy, namely privacy as expectations. We report on the results of using crowdsourcing to capture users' expectations of what sensitive resources mobile apps use. We also report on a new privacy summary interface that prioritizes and highlights places where mobile apps break people's expectations. We conclude with a discussion of implications for employing crowdsourcing as a privacy evaluation technique.

As smartphones and other mobile computing devices have increased in ubiquity, advertisers have begun to realize a more effective way of targeting users and a promising area for revenue growth: location-based advertising. This trend brings to bear new questions about whether or not users will adopt products involving this potentially invasive form of advertising and what sorts of protections they should be given. Our real-world user study of 27 participants echoes earlier findings that users have significant privacy concerns regarding sharing their locations with advertisers. However, we examine these concerns in more detail and find that they are complex (e.g., relating not only to the quantity of ads, but the locations and times at which they are received). With advanced privacy settings, users stated they would feel more comfortable and share more information than with a simple opt-in/opt-out mechanism.

This paper presents a study that aims to answer two important questions related to targeted location-sharing privacy attacks: (1) given a group of users and their social graph, is it possible to predict which among them is likely to reveal most about their whereabouts, and (2) given a user, is it possible to predict which among her friends knows most about her whereabouts. To answer these questions we analyse the privacy policies of users of a real-time location sharing application, in which users actively shared their location with their contacts. The results show that users who are central to their network are more likely to reveal most about their whereabouts. Furthermore, we show that the friend most likely to know the whereabouts of a specific individual is the one with most common contacts and/or greatest number of contacts.

Most location sharing applications display people's locations on a map. However, people use a rich variety of terms to refer to their locations, such as "home," "Starbucks," or "the bus stop near my house." Our long-term goal is to create a system that can automatically generate appropriate place names based on real-time context and user preferences. As a first step, we analyze data from a two-week study involving 26 participants in two different cities, focusing on how people refer to places in location sharing. We derive a taxonomy of different place naming methods, and show that factors such as a person's perceived familiarity with a place and the entropy of that place (i.e. the variety of people who visit it) strongly influence the way people refer to it when interacting with others. We also present a machine learning model for predicting how people name places. Using our data, this model is able to predict the place naming method people choose with an average accuracy higher than 85%.

The popularity of micro-blogging has made general-purpose information sharing a pervasive phenomenon. This trend is now impacting location sharing applications (LSAs) such that users are sharing their location data with a much wider and more diverse audience. In this paper, we describe this as social-driven sharing, distinguishing it from past examples of what we refer to as purpose-driven location sharing. We explore the differences between these two types of sharing by conducting a comparative two-week study with nine participants. We found significant differences in terms of users' decisions about what location information to share, their privacy concerns, and how privacy-preserving their disclosures were. Based on these results, we provide design implications for future LSAs.

This paper examines the location traces of 489 users of a location sharing social network for relationships between the users' mobility patterns and structural properties of their underlying social network. We introduce a novel set of location-based features for analyzing the social context of a geographic region, including location entropy, which measures the diversity of unique visitors of a location. Using these features, we provide a model for predicting friendship between two users by analyzing their location trails. Our model achieves significant gains over simpler models based only on direct properties of the co-location histories, such as the number of co-locations. We also show a positive relationship between the entropy of the locations the user visits and the number of social ties that user has in the network. We discuss how the offline mobility of users can have implications for both researchers and designers of online social networks.

The rapid adoption of location tracking and mobile social networking technologies raises significant privacy challenges. Today our understanding of people's location sharing privacy preferences remains very limited, including how these preferences are impacted by the type of location tracking device or the nature of the locations visited. To address this gap, we deployed Locaccino, a mobile location sharing system, in a four week long field study, where we examined the behavior of study participants (n=28) who shared their location with their acquaintances (n=373.) Our results show that users appear more comfortable sharing their presence at locations visited by a large and diverse set of people. Our study also indicates that people who visit a wider number of places tend to also be the subject of a greater number of requests for their locations. Over time these same people tend to also evolve more sophisticated privacy preferences, reflected by an increase in time- and location-based restrictions. We conclude by discussing the implications our findings.

Locaccino is a location sharing application designed to empower users to effectively control their privacy. It has been piloted by close to 2000 users and has been used by researchers as an experimental platform for conducting research on location-based social networks. Featured technologies include expressive privacy rule creation, detailed feedback mechanisms that help users understand their privacy, algorithms for analyzing privacy preferences, and clients for mobile computers and smartphone devices. In addition, variations of Locaccino are also being piloted as part of research on user-controllable policy learning, learning usable privacy personas and reconciling expressiveness and user burden. The purpose of this demo is to introduce participants to the features of Locaccino, so that they can try out the Locaccino smartphone and laptop applications on their own devices, locate their friends and colleagues, and set rich privacy policies for sharing their location.

Feedback is viewed as an essential element of ubiquitous computing systems in the HCI literature for helping people manage their privacy. However, the success of online social networks and existing commercial systems for mobile location sharing which do not incorporate feedback would seem to call the importance of feedback into question. We investigated this issue in the context of a mobile location sharing system. Specifically, we report on the findings of a field deployment of Locyoution, a mobile location sharing system. In our study of 56 users, one group was given feedback in the form of a history of location requests, and a second group was given no feedback at all. Our major contribution has been to show that feedback is an important contributing factor towards improving user comfort levels and allaying privacy concerns. Participants' privacy concerns were reduced after using the mobile location sharing system. Additionally, our study suggests that peer opinion and technical savviness contribute most to whether or not participants thought they would continue to use a mobile location technology.

Each month, more attacks are launched with the aim of making web users believe that they are communicating with a trusted entity for the purpose of stealing account information, logon credentials, and identity information in general. This attack method, commonly known as "phishing," is most commonly initiated by sending out emails with links to spoofed websites that harvest information. We present a method for detecting these attacks, which in its most general form is an application of machine learning on a feature set designed to highlight user-targeted deception in electronic communication. This method is applicable, with slight modification, to detection of phishing websites, or the emails used to direct victims to these sites. We evaluate this method on a set of approximately 860 such phishing emails, and 6950 non-phishing emails, and correctly identify over 96% of the phishing emails while only mis-classifying on the order of 0.1% of the legitimate emails. We conclude with thoughts on the future for such techniques to specifically identify deception, specifically with respect to the evolutionary nature of the attacks and information available.